RE: iptables and samba

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




i captured the output of tcpdump but it becomes a file with many entries so i attached it here with. please check it.
and note that the problem only occurs one time. the first time when i open the share it takes 4 minutes after that if i close share and then open it it doesnt take time. but if i restart my client computer then it takes time when connecting to share first time


Regards
Azeem

From: "azeem ahmad" <azeem484@xxxxxxxxxxx>
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: RE: iptables and samba
Date: Thu, 27 May 2004 20:56:37 +0000



neither WINS nor DNS is on my network. only a caching only name server i m running. and i captured the output of /var/log/messages and that is as below
and i added rules for port udp 137,139,139 and tcp 137,138,139 mean all three ports of both protocols but it doesnt seem to work


------------------------------------------------------------------------------------------------------------------------------
May 28 01:36:27 subzero kernel: IN=eth0 OUT= MAC=00:b0:d0:3d:84:1f:00:07:e9:f4:4d:ce:08:00 SRC=192.168.0.2 DST=192.168.0.100 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=51870 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1024
May 28 01:36:32 subzero kernel: IN=eth0 OUT= MAC=00:b0:d0:3d:84:1f:00:07:e9:f4:4d:ce:08:00 SRC=192.168.0.2 DST=192.168.0.100 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=51873 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1280
May 28 01:36:38 subzero kernel: IN=eth0 OUT= MAC=00:b0:d0:3d:84:1f:00:07:e9:f4:4d:ce:08:00 SRC=192.168.0.2 DST=192.168.0.100 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=51878 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1536
May 28 01:36:43 subzero kernel: IN=eth0 OUT= MAC=00:b0:d0:3d:84:1f:00:07:e9:f4:4d:ce:08:00 SRC=192.168.0.2 DST=192.168.0.100 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=51879 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1792
May 28 01:36:57 subzero kernel: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:f4:4d:ce:08:00 SRC=192.168.0.2 DST=255.255.255.255 LEN=51 TOS=0x00 PREC=0x00 TTL=128 ID=51886 PROTO=UDP SPT=8167 DPT=8167 LEN=31
May 28 01:36:59 subzero samba(pam_unix)[2284]: session closed for user azeem
May 28 01:38:09 subzero kernel: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:f4:4d:ce:08:00 SRC=192.168.0.2 DST=255.255.255.255 LEN=81 TOS=0x00 PREC=0x00 TTL=128 ID=32 PROTO=UDP SPT=8167 DPT=8167 LEN=61
May 28 01:38:09 subzero kernel: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:f4:4d:ce:08:00 SRC=192.168.0.2 DST=255.255.255.255 LEN=45 TOS=0x00 PREC=0x00 TTL=128 ID=33 PROTO=UDP SPT=8167 DPT=8167 LEN=25
May 28 01:38:09 subzero kernel: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:f4:4d:ce:08:00 SRC=192.168.0.2 DST=255.255.255.255 LEN=45 TOS=0x00 PREC=0x00 TTL=128 ID=35 PROTO=UDP SPT=8167 DPT=8167 LEN=25
May 28 01:38:29 subzero kernel: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:07:e9:f4:4d:ce:08:00 SRC=192.168.0.2 DST=255.255.255.255 LEN=45 TOS=0x00 PREC=0x00 TTL=128 ID=43 PROTO=UDP SPT=8167 DPT=8167 LEN=25
May 28 01:38:59 subzero samba(pam_unix)[2552]: session opened for user must by (uid=0)
May 28 01:39:33 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7796 DF PROTO=TCP SPT=35625 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:39:36 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7797 DF PROTO=TCP SPT=35625 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:39:42 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7798 DF PROTO=TCP SPT=35625 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:39:50 subzero kernel: IN=ppp0 OUT= MAC= SRC=202.124.201.161 DST=202.124.192.166 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=38996 DF PROTO=TCP SPT=4811 DPT=2745 WINDOW=8760 RES=0x00 SYN URGP=14133
May 28 01:39:54 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7799 DF PROTO=TCP SPT=35625 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:40:18 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7800 DF PROTO=TCP SPT=35625 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:41:06 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7801 DF PROTO=TCP SPT=35625 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:41:33 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=8465 DF PROTO=TCP SPT=35699 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:41:36 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=8466 DF PROTO=TCP SPT=35699 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:41:42 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=8467 DF PROTO=TCP SPT=35699 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:41:54 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=8468 DF PROTO=TCP SPT=35699 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:42:18 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=8469 DF PROTO=TCP SPT=35699 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
May 28 01:42:32 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=65 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=32770 DPT=53 LEN=45
May 28 01:43:06 subzero kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=8470 DF PROTO=TCP SPT=35699 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
-------------------------------------------------------------------------------------------------------------------------------------


Regards
Azeem
From: <alexis@xxxxxxxxxxx>
To: "azeem ahmad" <azeem484@xxxxxxxxxxx>
CC: <netfilter@xxxxxxxxxxxxxxxxxxx>
Subject: RE: iptables and samba
Date: Thu, 27 May 2004 16:28:35 -0000

it seems a name resolution issue.

check if you're using WINS or DNS and make sure you're allowing those ports
in orden to resolve the names. and it will work just fine


azeem ahmad <azeem484@xxxxxxxxxxx> dijo:

>
> no one out there could help me?
>
> >From: "azeem ahmad" <azeem484@xxxxxxxxxxx>
> >To: netfilter@xxxxxxxxxxxxxxxxxxx
> >Subject: iptables and samba
> >Date: Sun, 23 May 2004 09:20:52 +0000
> >
> >hi
> >i m using the script below
> >---------------------------------------------------------------------------
----------------------------------------------------------
> >iptables -F
> >iptables -t nat -F
> >iptables -P INPUT DROP
> >iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> >iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
> >iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
> >iptables -A INPUT -i eth0 -p tcp --dport 53 -j ACCEPT
> >iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT
> >iptables -A INPUT -i eth0 -p udp --dport 137 -j ACCEPT
> >iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT
> >iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT
> >
> >iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
> >#iptables -t nat -A PREROUTING -p udp --dport 80 -j REDIRECT --to-port 8080
> >
> >iptables -P FORWARD DROP
> >iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
> >iptables -A FORWARD -i eth0 -p tcp --dport 21 -j ACCEPT
> >iptables -A FORWARD -i eth0 -p tcp --dport 443 -j ACCEPT
> >iptables -A FORWARD -i eth0 -p tcp --dport 5000 -j ACCEPT
> >iptables -A FORWARD -i eth0 -p tcp --dport 5001 -j ACCEPT
> >iptables -A FORWARD -i eth0 -p tcp --dport 5005 -j ACCEPT
> >iptables -A FORWARD -i eth0 -p tcp --dport 5050 -j ACCEPT
> >iptables -A FORWARD -i eth0 -p tcp --dport 6660:6670 -j ACCEPT
> >iptables -A FORWARD -i eth0 -p tcp --dport 7000 -j ACCEPT
> >iptables -A FORWARD -i eth0 -p tcp --dport 28805 -j ACCEPT
> >iptables -A FORWARD -i eth0 -p tcp --dport 51215 -j ACCEPT
> >
> >iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> >---------------------------------------------------------------------------
----------------------------------------------------------
> >
> >i have two shares on samba server "Soft and linux" in these shares there
> >are many folders. whenever i run the above script and then i open the
share
> >it takes atleast 4 minutes to open the share. but it doesnt take time
> >while browsing inside share.
> >mean there is a folder on soft share like soft/adobe/acrobat/acrobat6
> >when i double click on soft it takes atleast 4 minutes but after that when
> >i click on adobe then acrobat then acrobat6 it takes now time it just
brose
> >them normally. same problem is with the other share named linux.
> >but if i dont run this script then all shares work fine with no delay
> >
> >i dont know what is the udp port 80 for but i just saw its traffic on my
> >network in iptraf so i included it in my script
> >
> >Regards
> >Azeem
> >
> >_________________________________________________________________
> >Add photos to your e-mail with MSN 8. Get 2 months FREE*.
> >http://join.msn.com/?page=features/featuredemail
> >
> >
>
> _________________________________________________________________
> The new MSN 8: smart spam protection and 2 months FREE*
> http://join.msn.com/?page=features/junkmail
>
>
>




--




_________________________________________________________________
Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail




_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail

Attachment: eth0.log
Description: Binary data


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux